package com.arlen.conf.impl;

import com.arlen.conf.MyAccess;
import org.springframework.http.HttpRequest;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Service;

import javax.servlet.http.HttpServletRequest;
import java.util.Collection;

@Service("myAccess")
public class MyAccessImpl implements MyAccess {

    @Override
    public final boolean myAccess(HttpServletRequest request, Authentication authentication) {
        boolean flag = false;
        String url = request.getRequestURI();
        Object principal = authentication.getPrincipal();

        if (principal instanceof User) {
            User user = (User) principal;
            Collection<GrantedAuthority> authorities = user.getAuthorities();
            if (authorities.contains(new SimpleGrantedAuthority(url))) flag = true;
        }
        return flag;
    }
}
